# frozen_string_literal: true
class SessionController < ApplicationController
  skip_before_action :check_auth

  def new
    @editor = Editor.new
  end

  def create
    @editor = Editor.where(telephone: params[:editor][:telephone]).first.try(:authenticate, params[:editor][:password])
    if @editor
      session[:editor_telephone] = @editor.telephone
      redirect_to editors_url
    else
      redirect_to root_url,  notice: '用户名或密码错误'
    end
  end

  def destroy
    session[:editor_telephone] = nil

    redirect_to root_url ,notice: '退出成功'
  end

  private

  def editor_params
    params.require(:editor).permit(:telephone, :name, :password)
  end
end
